"Innovation is the lifeblood of how we operate, but it should never come at the expense of security or vice versa"

As an electronic money issuer, Treezor is bound by a variety of data privacy regulations and requirements, including requirements from the French Regulator (ACPR), the Mastercard network and the European Union’s General Data Protection Regulation (GDPR). Treezor is required to implement strong data security controls to protect personal financial information and other sensitive data. After evaluating several providers, Treezor selected SafeNet Data Protection On Demand (DPoD) due to its ability to provide a cost-effective and easy-to-use cloud HSM service as a highly secure root of trust for cryptographic operations.

“Innovation is the lifeblood of how we operate, but it should never come at the expense of security or vice versa,” said Eric Lassus, CEO of Treezor. “Part of our ethos is to work extremely closely with our clients to understand their needs, which led to the creation of our payment platform using standard APIs. As a result, we need a solution that meets our security, management and commercial needs.”

Treezor, recently acquired by Societe Generale, was familiar with the security advantages of HSMs, but wanted to minimize investments and on-going overheads, so it began investigating cloud-based offerings. Taking advantage of the 30-day free evaluation offered by Thales for its cloud-based HSM solution, Treezor was impressed by the ease of use and the speed it was able to deploy its test environment. During the evaluation phase of SafeNet Data Protection On Demand, the ‘point-and-click’ ease of use convinced Treezor that SafeNet Cloud HSM On Demand service provided the best solution in terms of cost, security and ease of implementation.

With SafeNet Data Protection On Demand, Treezor benefits from:
• Rapid deployment and easy integration – Cloud HSM services were up and running and integrated into their systems in minutes
• Service Level Availability – Unlike other Cloud HSM services on the market, SafeNet Data Protection On Demand comes with a 99.95% SLA
• Predictable costs – Pricing is provided in a predictable way with all costs like redundancy and back-up services inclusive, meaning no hidden charges for high availability

Treezor’s strategy has led to a dramatic growth in two years, from issuing 100,000 cards and €400,000 of transactions in 2017 to over 500,000 cards and €5 billion in 2018.

With the scalability of SafeNet Cloud HSM On Demand, alongside its separation of duties, Treezor can offer each customer their own dedicated HSM service, bringing them safety in the knowledge that their financial and other sensitive data is segregated and protected.

“Working in the financial sector, trust is an extremely high parameter with which companies are judged by customers,” Lassus continued. “We chose Thales because of its stellar reputation in security, the ease-of-use of the whole solution and the high SLAs it guarantees. It’s vital too that we’re able to give our customers a clear insight into costs and availability of our services. The transparency and reliability we’ve received with SafeNet Data Protection On Demand is ideal for our needs of offering services simply, secure and costs effectively across our entire payment chain, from traditional banks to the most innovative fintech companies.”

Todd Moore, vice president of encryption products for cloud protection and licensing activity at Thales said: “he financial industry is one of the most regulated in the world, so it can sometimes be tricky for some to find that balance between innovation and compliance. With SafeNet Data Protection on Demand, Treezor can offer innovative solutions across its payment platform, while ensuring a transparent and secure approach that satisfies both regulators and customers.”